South Korea’s largest telecom provider, SK Telecom, has confirmed a data breach following a malware-based cyberattack. With tens of millions of subscribers and roughly half the country’s wireless market under its belt, this is a major incident — and it raises serious concerns for any organization handling sensitive user data.

According to a statement released on Tuesday, SK Telecom detected the breach on April 19. The attackers managed to infiltrate internal systems, deploy malware, and steal customer information. While the exact type and extent of data hasn’t been made public, the fallout is already in motion.

Here’s what stood out from the disclosure:

• Malware was successfully deployed inside SK Telecom’s systems.
• Personal customer information was accessed and exfiltrated.
• The company has isolated affected systems and says the malware has been removed.
• KISA (Korea Internet Security Agency) has been notified and is involved in the investigation.
• Free SIM protection services are now being offered to customers—suggesting the attackers could attempt SIM swapping or account takeovers.

We don’t yet know who was behind the attack. There’s no indication this was a ransomware incident, and no threat actor has claimed responsibility. That doesn’t rule out state-sponsored activity—telecoms are prime targets for espionage, and we’ve seen suspected nation-state actors, especially from China, go after similar infrastructure before.